1 results (0.002 seconds)
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0
CVE-2024-32433 – WordPress BEAF plugin <= 4.5.4 - Cross Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2024-32433
Cross-Site Request Forgery (CSRF) vulnerability in Themefic BEAF.This issue affects BEAF: from n/a through 4.5.4. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Themefic BEAF. Este problema afecta a BEAF: desde n/a hasta 4.5.4. The BEAF plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.5.4. This is due to missing or incorrect nonce validation on the bafg_new_feature_notice_dismissed() function. • https://patchstack.com/database/vulnerability/beaf-before-and-after-gallery/wordpress-beaf-plugin-4-5-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •